PHP Active Directory query

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
Griven
Forum Contributor
Posts: 165
Joined: Sat May 09, 2009 8:23 pm

PHP Active Directory query

Post by Griven »

Hello, all.

I'm building a PHP application on top of IIS 6 using integrated authentication. It uses Active Directory as its role store by querying the group memberships of the current user.

The below search filter will work when you run it directly against Active Directory, however an error is thrown when trying to run it via PHP.

(member:1.2.840.113556.1.4.1941:=CN=Doe\, John,OU=Department,OU=All_Users,DC=internal,DC=domain,DC=com)

The exact error is PHP Warning: ldap_search() [function.ldap-search]: Search: Bad search filter

Code: Select all

$groupresult = ldap_search($connect, $groupdn, '(member:1.2.840.113556.1.4.1941:=CN=Doe\, John,OU=Department,OU=All_Users,DC=internal,DC=domain,DC=com)', $groupattributes) or die ('Fatal error: There was an error during the LDAP query.');
I've tried using a double backslash after the last name, as well as stripping out the slashes. Neither throws an error, but they only return an empty result set.

Another query that runs prior to this pulls out the user's attributes, so I know that the connection, bind, and search capabilities are functional.

Has anyone else tried this before and found a solution?
Post Reply